Seminars

iijlab Seminars

Multipath QUIC: Taking the Best of Multipath and TCP

Date and time: 2017-12-19 18:00

Venue: Internet Initiative Japan Inc., 13th floor, Opera2

Speaker: Quentin De Coninck (Université Catholique de Louvain)

Abstract:

Quick UDP Internet Connection (QUIC) is a recent protocol initiated by Google that merges the functions of HTTP/2, TLS and TCP directly over UDP. It can replace the traditional HTTP/TLS/TCP stack and the IETF has chartered a working group to standardize it. QUIC encrypts all data and most protocol headers to prevent interferences from middleboxes. However, the current QUIC design still assumes a single-path flow. This talk presents Multipath QUIC, a QUIC extension that enables a QUIC connection to simultaneously use different network paths. This ability to spread data over several networks provides bandwidth aggregation and better support for mobility scenarios. I will first discuss the design of the proposed solution. Based on our implementation based on quic-go, I will then show a comparison of performance between (Multipath) QUIC and (Multipath) TCP in various environments covering large network parameter spaces (bandwidth, delay, buffer sizes, losses). Finally, I will discuss several new use cases opened by Multipath QUIC, some being unpractical with (Multipath) TCP.

CAIDA talks

Date and time: 2017-11-21 17:30

Venue: Internet Initiative Japan Inc., 13th floor, Opera2

Speakers: k claffy, Bradley Huffaker, Matthew Luckie (CAIDA)

Abstract:

mapping our way to a more secure Internet (k claffy)

abstract: Today the "cyber threat" is one of our most serious economic and national security challenges. But our lack of empirically grounded understanding of the structure, dynamics, and scope of vulnerabilities of the global Internet renders this challenge virtually intractable. In this talk, we examine the emerging field of cyber-cartography: what kind of maps of the Internet do we need, and what problems do they solve? What capabilities are required to construct which maps, and what blocks progress on development of these capabilities? We'll provide examples of applied mapping research and development activities at various levels of maturity, including those that support detection of Internet security and stability weaknesses. By the end of this talk you will learn at least five ways that you personally can participate in the field of cybercartography.

A Look at Router Geolocation in Public and Commercial Databases (Bradley Huffaker)

abstract: Internet measurement research frequently needs to map infrastructure components, such as routers, to their physical locations. Although public and commercial geolocation services are often used for this purpose, their accuracy when applied to network infrastructure has not been sufficiently assessed. Prior work focused on evaluating the overall accuracy of geolocation databases, which is dominated by their performance on end-user IP addresses. In this work, we evaluate the reliability of router geolocation in databases. We use a dataset of about 1.64M router interface IP addresses extracted from the CAIDA Ark dataset to examine the country- and city-level coverage and consistency of popular public and commercial geolocation databases. We also create and provide a ground-truth dataset of 16,586 router interface IP addresses and their city-level locations, and use it to evaluate the databases’ accuracy with a regional breakdown analysis. Our results show that the databases are not reliable for geolocating routers and that there is room to improve their country- and city-level accuracy. Based on our results, we present a set of recommendations to researchers concerning the use of geolocation databases to geolocate routers.

abstract: Despite source IP address spoofing being a known vulnerability for at least 25 years, and despite many efforts to shed light on the problem, spoofing remains a viable attack method for redirection, amplification, and anonymity. The goal of the CAIDA spoofer project is to increase the density of crowd-sourced measurement of ingress filtering, and publicly provide evidence of where remediation attention should be focused. In this talk, I will discuss the new measurement system we developed, present the public reporting website, report on remediation and outreach efforts, and discuss lessons learned.

Benchmarking methodology for IPv6 transition technologies

Date and time: 2017-10-10 18:00

Venue: Internet Initiative Japan Inc., 13th floor, Opera2

Speaker: Gábor Lencse (Department of Network Systems and Services, Budapest University of Technology and Economics)

Abstract: RFC 2544 deals with the benchmarking methodology for network interconnect devices and RFC 5180 addresses IPv6 specificities, but explicitly declares that IPv6 transition technologies are outside of its scope. The fresh RFC 8219 defines benchmarking methodologies for them.
This presentation introduces the most important solutions described in RFC 8219 by following its categories as dual stack, single translation, double translation and encapsulation technologies plus DNS64, which does not fit into any of these categories. Besides the definitions of performance metrics and their measurement procedures, both some interesting theoretical questions are discussed and some very practical problems are considered such as the available measurement tools (e.g. dns64perf++ for DNS64) and the issues of their development.

Simulating Satellite Internet Links into Pacific Islands

Date and time: 2017-07-12 14:30~15:30

Venue: Internet Initiative Japan Inc., 13th floor, Opera2

Speaker: Ulrich Speidel (Department of Computer Science, The University of Auckland)

Abstract: In many small Pacific Island countries, remoteness, deep
ocean and low GDP put international submarine cable connectivity
out of reach, and satellite Internet is the only option. However,
satellite bandwidth is expensive: typical ISP capacities are
between 8 and < 100 Mbps on geostationary satellites, and a few
hundred Mbps on medium earth orbit satellites. These are often
shared between dozens if not hundreds of end users. This
bottleneck, along with the significant latency of satellite links,
conspires badly against TCP senders and islanders: Many flows
never get to open their congestion windows, those that do do so
only very slowly, and TCP queue oscillation is rife. Many links
are badly underutilised as a result. Potential solutions are at
hand in the form of performance-enhancing proxies (PEPs) and
forward error correction across packets and the satellite link
input queue - but how can we tell how well they might work? To
answer such questions, we have built a satellite network simulator
at the University of Auckland. The simulator is largely hardware
based, with 84 Raspberry Pis and 10 Intel NUCs providing client
demand on the "island side", one dedicated Super Micro Server
simulating the satellite link itself, one Super Micro on either
side providing coding and/or PEP services, and 14 further Super
Micros providing "world" TCP traffic to the island at a variety of
"terrestrial" latencies. My talk will cover our simulation
approach, our current results, challenges faced and lessons
learned so far.

Biography: Rodney Van Meter received a B.S. in engineering and applied
science from the California Institute of Technology in 1986, an
M.S. in computer engineering from the University of Southern
California in 1991, and a Ph.D. in computer science from Keio
University in 2006. His current research centers on quantum
computer architecture and quantum networking. Other research
interests include storage systems, networking, and post-Moore's
Law computer architecture. He is now an Associate Professor of
Environment and Information Studies at Keio University's Shonan
Fujisawa Campus. Dr. Van Meter is a member of AAAS, ACM and IEEE.

Unbounded Spigot Algorithms for the Digits of Pi

Date and time: 2017-03-27 19:00~20:00

Venue: Internet Initiative Japan Inc., 13th floor, Opera2

Speaker: Jeremy Gibbons (Oxford University)

Abstract: Rabinowitz and Wagon presented a spigot algorithm for computing the digits of π. A spigot algorithm yields its outputs incrementally, and does not reuse them after producing them. Rabinowitz and Wagon’s algorithm is inherently bounded; it requires a commitment in advance to the number of digits to be computed. We propose some streaming algorithms based on the same and some similar characterizations of π, with the same incremental properties, but without requiring the prior bound. They are nice examples of lazy functional programming, and instances of a more general scheme for streaming computation.

TouIX to TouSIX : The Internet eXchange SDN experience

Date and time: 2017-02-06 18:00~19:00

Venue: Internet Initiative Japan Inc., 13th floor, Cantata

Speaker: Marc Bruyere (The University of Tokyo)

Abstract: The Internet eXchange Points (IXP) are essential for the Internet evolution as they empower high bandwidth low latency and inexpensive local traffic peering as opposed to transit traffic.
OpenFlow SDN enables network programmability to control network behavior via open interfaces, as opposed to the legacy closed-box solutions and proprietary-defined interfaces.
This presentation is about the migration of the TouIX from a traditional to a full OpenFlow IXP. A quick view of the architecture choices to eliminate broadcast traffic to reduce complexity are discussed and how switches have been selected and programmed with the TouSIX-Manager. The TouSIX-Manager has been developed internally to give direct monitoring and programmability to the members through web interfaces.
TouIX is a non-profit neutral Internet eXchange Point organization founded in 2005. It provides an interconnected network infrastructure at 4 PoPs around the city of Toulouse and the Paris FranceIX and LyonIX IXPs.

Reaping the Benefits of IPv6 Segment Routing

Date: 2016-10-12

Venue: Internet Initiative Japan Inc., 13th floor, Cantata

Speaker: David Lebrun (Université catholique de Louvain)

Abstract: Segment Routing is a modern variant of source routing being standardised by the IETF. It enables routers and endhosts to better control the path followed by the packets in the network. Using SR as a foundation, we articulate two key aspects of its potential: the data plane and the control plane. Firstly, we show how the SR data plane enables operators to perform tasks and provide services that may be otherwise difficult to achieve with current techniques. Secondly, we show how to leverage the SDN paradigm with an SR IPv6 control plane and briefly describe a possible deployment.

Speaker biography: David Lebrun is a PhD student in the IP Networking Lab at Université catholique de Louvain in Belgium, in his fourth and last year. His PhD thesis is focused on leveraging the IPv6 flavor of Segment Routing for value-added services and on implementing it into the Linux kernel.

A Fast and Practical Software Packet Scheduling Architecture

Date: 2016-7-19

Venue: Internet Initiative Japan Inc., 13th floor, Opera2 meeting room

Speaker: Luigi Rizzo (Università di Pisa)

Abstract: Dynamic resource scheduling is key to achieve dependable service guarantees, allocate spare capacity and protect systems against misuse. For network traffic in a cloud environment, packet scheduling is often done in software, a task made hard by the extremely high frequency of decisions (10+ million packets per second) and the large number of concurrent sources.
No currently available solution simultaneously supports high decision rates, scales to many concurrent clients, and has provable, small deviation from ideal allocation at high link utilization. The pieces to make the above possible do exist, though, from efficient schedulers with tight analytical service guarantees to fast packet I/O frameworks.
In this talk we fill the gap and propose an architecture to run software packet schedulers efficiently even in a high speed, highly concurrent environment. We achieve this result by separating the scheduling decision from the actual packet transmission, so that the latter can be performed in parallel by clients. We provide analytical bounds on the service guarantees of our scheduling architecture even at high link utilization, and present an accurate discussion of implementation issues. Our prototype can make over 20 million scheduling decisions per second even with tens of concurrent clients running on a multi-core, multi-socket system, while adding less than 2 us to the communication delay.

Speaker biography: Luigi Rizzo is a professor at the Università di Pisa. He has worked on network emulation, high performance networking, packet scheduling, multicast and reliable multicast. He is a long time contributor to FreeBSD, for which he has developed several subsystems including the dummynet network emulator, the ipfw firewall, and the netmap framework. He has been program committee member for sigcomm, conext, infocom, nsdi, Usenix ATC, ANCS and other conferences, as well as PC chair for Sigcomm 2009 and Conext 2014, ANCS 2016, and general chair for Sigcomm 2006. Luigi has been a frequent visiting researcher at various institutions including ICSI/UC Berkeley, Google Mountain View, Intel Research Cambridge, Intel Research Berkeley.

A New Networking API with the OS stack and Dedicated NICs (tentative)

Abstract: Message-oriented workloads over TCP which comprise a large number of concurrent connections are common in both datacenters (e.g., memcached) and the Internet (e.g., web servers and CDNs).

In this talk, we first show how the OS network stack fails to serve such workloads.
Although TCP/IP processing only takes less than 0.8 us for each of TX and RX path, the socket API and packet I/O subsystem come at a significant cost.

This observation suggests preserving the feature-rich kernel TCP/IP implementation that has been evolved by the collaborative effort of OS developers, IETF and researchers to cope with all the network conditions including many corner cases and threats, and improving those stumbling blocks, rather than implementing a TCP/IP stack from scratch for OS-bypass networking.

Stackmap brings common techniques used by high-performance OS-bypass networking---including clean-slate APIs, batching and lightweight buffer management---into the OS stack by exploiting an opportunity of a NIC that is dedicated to a Stackmap application.

Stackmap outperforms Linux in both throughput and latency, and achieves comparable performance to Seastar, a highly-optimized, production-quality user-level TCP/IP stack.